SYN floods (was: does history repeat itself?)

Michael Dillon michael at memra.com
Thu Sep 12 19:09:44 UTC 1996


On Thu, 12 Sep 1996, John G. Scudder wrote:

> Insofar as guys who "barely know what a TCP SYN is" are unlikely to twist
> the knobs, defaulting filtering to "block spoofed addresses" seems like the
> best and maybe only way to get them to do it.

If we can get config instructions for all the popular NAS boxes like
Ascend, Livingston, USR etc. posted to a web page somewher then we can get
the word out to a lot of ISP's via the 7 or 8 ISP mailing lists,
Boardwatch magazine and USENET. But for the benefit of those maginally
clueful people out there we need to have some fairly explicit
instructions.

I know ra.net has an ISP section on their WWW server and it wouldn't hurt
to point more ISP's at www.ra.net anyway.

Michael Dillon                   -               ISP & Internet Consulting
Memra Software Inc.              -                  Fax: +1-604-546-3049
http://www.memra.com             -               E-mail: michael at memra.com






More information about the NANOG mailing list